1/* 2 * QEMU USB OHCI Emulation 3 * Copyright (c) 2004 Gianni Tedesco 4 * Copyright (c) 2006 CodeSourcery 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * This library is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU Lesser General Public 9 * License as published by the Free Software Foundation; either 10 * version 2 of the License, or (at your option) any later version. 11 * 12 * This library is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 15 * Lesser General Public License for more details. 16 * 17 * You should have received a copy of the GNU Lesser General Public 18 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 19 * 20 * TODO: 21 * o Isochronous transfers 22 * o Allocate bandwidth in frames properly 23 * o Disable timers when nothing needs to be done, or remove timer usage 24 * all together. 25 * o Handle unrecoverable errors properly 26 * o BIOS work to boot from USB storage 27*/ 28 29#include "hw.h" 30#include "qemu-timer.h" 31#include "usb.h" 32#include "pci.h" 33#include "pxa.h" 34#include "devices.h" 35 36//#define DEBUG_OHCI 37/* Dump packet contents. */ 38//#define DEBUG_PACKET 39//#define DEBUG_ISOCH 40/* This causes frames to occur 1000x slower */ 41//#define OHCI_TIME_WARP 1 42 43#ifdef DEBUG_OHCI 44#define dprintf printf 45#else 46#define dprintf(...) 47#endif 48 49/* Number of Downstream Ports on the root hub. */ 50 51#define OHCI_MAX_PORTS 15 52 53static int64_t usb_frame_time; 54static int64_t usb_bit_time; 55 56typedef struct OHCIPort { 57 USBPort port; 58 uint32_t ctrl; 59} OHCIPort; 60 61enum ohci_type { 62 OHCI_TYPE_PCI, 63 OHCI_TYPE_PXA, 64 OHCI_TYPE_SM501, 65}; 66 67typedef struct { 68 qemu_irq irq; 69 enum ohci_type type; 70 int mem; 71 int num_ports; 72 const char *name; 73 74 QEMUTimer *eof_timer; 75 int64_t sof_time; 76 77 /* OHCI state */ 78 /* Control partition */ 79 uint32_t ctl, status; 80 uint32_t intr_status; 81 uint32_t intr; 82 83 /* memory pointer partition */ 84 uint32_t hcca; 85 uint32_t ctrl_head, ctrl_cur; 86 uint32_t bulk_head, bulk_cur; 87 uint32_t per_cur; 88 uint32_t done; 89 int done_count; 90 91 /* Frame counter partition */ 92 uint32_t fsmps:15; 93 uint32_t fit:1; 94 uint32_t fi:14; 95 uint32_t frt:1; 96 uint16_t frame_number; 97 uint16_t padding; 98 uint32_t pstart; 99 uint32_t lst; 100 101 /* Root Hub partition */ 102 uint32_t rhdesc_a, rhdesc_b; 103 uint32_t rhstatus; 104 OHCIPort rhport[OHCI_MAX_PORTS]; 105 106 /* PXA27x Non-OHCI events */ 107 uint32_t hstatus; 108 uint32_t hmask; 109 uint32_t hreset; 110 uint32_t htest; 111 112 /* SM501 local memory offset */ 113 target_phys_addr_t localmem_base; 114 115 /* Active packets. */ 116 uint32_t old_ctl; 117 USBPacket usb_packet; 118 uint8_t usb_buf[8192]; 119 uint32_t async_td; 120 int async_complete; 121 122} OHCIState; 123 124/* Host Controller Communications Area */ 125struct ohci_hcca { 126 uint32_t intr[32]; 127 uint16_t frame, pad; 128 uint32_t done; 129}; 130 131static void ohci_bus_stop(OHCIState *ohci); 132 133/* Bitfields for the first word of an Endpoint Desciptor. */ 134#define OHCI_ED_FA_SHIFT 0 135#define OHCI_ED_FA_MASK (0x7f<<OHCI_ED_FA_SHIFT) 136#define OHCI_ED_EN_SHIFT 7 137#define OHCI_ED_EN_MASK (0xf<<OHCI_ED_EN_SHIFT) 138#define OHCI_ED_D_SHIFT 11 139#define OHCI_ED_D_MASK (3<<OHCI_ED_D_SHIFT) 140#define OHCI_ED_S (1<<13) 141#define OHCI_ED_K (1<<14) 142#define OHCI_ED_F (1<<15) 143#define OHCI_ED_MPS_SHIFT 16 144#define OHCI_ED_MPS_MASK (0x7ff<<OHCI_ED_MPS_SHIFT) 145 146/* Flags in the head field of an Endpoint Desciptor. */ 147#define OHCI_ED_H 1 148#define OHCI_ED_C 2 149 150/* Bitfields for the first word of a Transfer Desciptor. */ 151#define OHCI_TD_R (1<<18) 152#define OHCI_TD_DP_SHIFT 19 153#define OHCI_TD_DP_MASK (3<<OHCI_TD_DP_SHIFT) 154#define OHCI_TD_DI_SHIFT 21 155#define OHCI_TD_DI_MASK (7<<OHCI_TD_DI_SHIFT) 156#define OHCI_TD_T0 (1<<24) 157#define OHCI_TD_T1 (1<<24) 158#define OHCI_TD_EC_SHIFT 26 159#define OHCI_TD_EC_MASK (3<<OHCI_TD_EC_SHIFT) 160#define OHCI_TD_CC_SHIFT 28 161#define OHCI_TD_CC_MASK (0xf<<OHCI_TD_CC_SHIFT) 162 163/* Bitfields for the first word of an Isochronous Transfer Desciptor. */ 164/* CC & DI - same as in the General Transfer Desciptor */ 165#define OHCI_TD_SF_SHIFT 0 166#define OHCI_TD_SF_MASK (0xffff<<OHCI_TD_SF_SHIFT) 167#define OHCI_TD_FC_SHIFT 24 168#define OHCI_TD_FC_MASK (7<<OHCI_TD_FC_SHIFT) 169 170/* Isochronous Transfer Desciptor - Offset / PacketStatusWord */ 171#define OHCI_TD_PSW_CC_SHIFT 12 172#define OHCI_TD_PSW_CC_MASK (0xf<<OHCI_TD_PSW_CC_SHIFT) 173#define OHCI_TD_PSW_SIZE_SHIFT 0 174#define OHCI_TD_PSW_SIZE_MASK (0xfff<<OHCI_TD_PSW_SIZE_SHIFT) 175 176#define OHCI_PAGE_MASK 0xfffff000 177#define OHCI_OFFSET_MASK 0xfff 178 179#define OHCI_DPTR_MASK 0xfffffff0 180 181#define OHCI_BM(val, field) \ 182 (((val) & OHCI_##field##_MASK) >> OHCI_##field##_SHIFT) 183 184#define OHCI_SET_BM(val, field, newval) do { \ 185 val &= ~OHCI_##field##_MASK; \ 186 val |= ((newval) << OHCI_##field##_SHIFT) & OHCI_##field##_MASK; \ 187 } while(0) 188 189/* endpoint descriptor */ 190struct ohci_ed { 191 uint32_t flags; 192 uint32_t tail; 193 uint32_t head; 194 uint32_t next; 195}; 196 197/* General transfer descriptor */ 198struct ohci_td { 199 uint32_t flags; 200 uint32_t cbp; 201 uint32_t next; 202 uint32_t be; 203}; 204 205/* Isochronous transfer descriptor */ 206struct ohci_iso_td { 207 uint32_t flags; 208 uint32_t bp; 209 uint32_t next; 210 uint32_t be; 211 uint16_t offset[8]; 212}; 213 214#define USB_HZ 12000000 215 216/* OHCI Local stuff */ 217#define OHCI_CTL_CBSR ((1<<0)|(1<<1)) 218#define OHCI_CTL_PLE (1<<2) 219#define OHCI_CTL_IE (1<<3) 220#define OHCI_CTL_CLE (1<<4) 221#define OHCI_CTL_BLE (1<<5) 222#define OHCI_CTL_HCFS ((1<<6)|(1<<7)) 223#define OHCI_USB_RESET 0x00 224#define OHCI_USB_RESUME 0x40 225#define OHCI_USB_OPERATIONAL 0x80 226#define OHCI_USB_SUSPEND 0xc0 227#define OHCI_CTL_IR (1<<8) 228#define OHCI_CTL_RWC (1<<9) 229#define OHCI_CTL_RWE (1<<10) 230 231#define OHCI_STATUS_HCR (1<<0) 232#define OHCI_STATUS_CLF (1<<1) 233#define OHCI_STATUS_BLF (1<<2) 234#define OHCI_STATUS_OCR (1<<3) 235#define OHCI_STATUS_SOC ((1<<6)|(1<<7)) 236 237#define OHCI_INTR_SO (1<<0) /* Scheduling overrun */ 238#define OHCI_INTR_WD (1<<1) /* HcDoneHead writeback */ 239#define OHCI_INTR_SF (1<<2) /* Start of frame */ 240#define OHCI_INTR_RD (1<<3) /* Resume detect */ 241#define OHCI_INTR_UE (1<<4) /* Unrecoverable error */ 242#define OHCI_INTR_FNO (1<<5) /* Frame number overflow */ 243#define OHCI_INTR_RHSC (1<<6) /* Root hub status change */ 244#define OHCI_INTR_OC (1<<30) /* Ownership change */ 245#define OHCI_INTR_MIE (1<<31) /* Master Interrupt Enable */ 246 247#define OHCI_HCCA_SIZE 0x100 248#define OHCI_HCCA_MASK 0xffffff00 249 250#define OHCI_EDPTR_MASK 0xfffffff0 251 252#define OHCI_FMI_FI 0x00003fff 253#define OHCI_FMI_FSMPS 0xffff0000 254#define OHCI_FMI_FIT 0x80000000 255 256#define OHCI_FR_RT (1<<31) 257 258#define OHCI_LS_THRESH 0x628 259 260#define OHCI_RHA_RW_MASK 0x00000000 /* Mask of supported features. */ 261#define OHCI_RHA_PSM (1<<8) 262#define OHCI_RHA_NPS (1<<9) 263#define OHCI_RHA_DT (1<<10) 264#define OHCI_RHA_OCPM (1<<11) 265#define OHCI_RHA_NOCP (1<<12) 266#define OHCI_RHA_POTPGT_MASK 0xff000000 267 268#define OHCI_RHS_LPS (1<<0) 269#define OHCI_RHS_OCI (1<<1) 270#define OHCI_RHS_DRWE (1<<15) 271#define OHCI_RHS_LPSC (1<<16) 272#define OHCI_RHS_OCIC (1<<17) 273#define OHCI_RHS_CRWE (1<<31) 274 275#define OHCI_PORT_CCS (1<<0) 276#define OHCI_PORT_PES (1<<1) 277#define OHCI_PORT_PSS (1<<2) 278#define OHCI_PORT_POCI (1<<3) 279#define OHCI_PORT_PRS (1<<4) 280#define OHCI_PORT_PPS (1<<8) 281#define OHCI_PORT_LSDA (1<<9) 282#define OHCI_PORT_CSC (1<<16) 283#define OHCI_PORT_PESC (1<<17) 284#define OHCI_PORT_PSSC (1<<18) 285#define OHCI_PORT_OCIC (1<<19) 286#define OHCI_PORT_PRSC (1<<20) 287#define OHCI_PORT_WTC (OHCI_PORT_CSC|OHCI_PORT_PESC|OHCI_PORT_PSSC \ 288 |OHCI_PORT_OCIC|OHCI_PORT_PRSC) 289 290#define OHCI_TD_DIR_SETUP 0x0 291#define OHCI_TD_DIR_OUT 0x1 292#define OHCI_TD_DIR_IN 0x2 293#define OHCI_TD_DIR_RESERVED 0x3 294 295#define OHCI_CC_NOERROR 0x0 296#define OHCI_CC_CRC 0x1 297#define OHCI_CC_BITSTUFFING 0x2 298#define OHCI_CC_DATATOGGLEMISMATCH 0x3 299#define OHCI_CC_STALL 0x4 300#define OHCI_CC_DEVICENOTRESPONDING 0x5 301#define OHCI_CC_PIDCHECKFAILURE 0x6 302#define OHCI_CC_UNDEXPETEDPID 0x7 303#define OHCI_CC_DATAOVERRUN 0x8 304#define OHCI_CC_DATAUNDERRUN 0x9 305#define OHCI_CC_BUFFEROVERRUN 0xc 306#define OHCI_CC_BUFFERUNDERRUN 0xd 307 308#define OHCI_HRESET_FSBIR (1 << 0) 309 310/* Update IRQ levels */ 311static inline void ohci_intr_update(OHCIState *ohci) 312{ 313 int level = 0; 314 315 if ((ohci->intr & OHCI_INTR_MIE) && 316 (ohci->intr_status & ohci->intr)) 317 level = 1; 318 319 qemu_set_irq(ohci->irq, level); 320} 321 322/* Set an interrupt */ 323static inline void ohci_set_interrupt(OHCIState *ohci, uint32_t intr) 324{ 325 ohci->intr_status |= intr; 326 ohci_intr_update(ohci); 327} 328 329/* Attach or detach a device on a root hub port. */ 330static void ohci_attach(USBPort *port1, USBDevice *dev) 331{ 332 OHCIState *s = port1->opaque; 333 OHCIPort *port = &s->rhport[port1->index]; 334 uint32_t old_state = port->ctrl; 335 336 if (dev) { 337 if (port->port.dev) { 338 usb_attach(port1, NULL); 339 } 340 /* set connect status */ 341 port->ctrl |= OHCI_PORT_CCS | OHCI_PORT_CSC; 342 343 /* update speed */ 344 if (dev->speed == USB_SPEED_LOW) 345 port->ctrl |= OHCI_PORT_LSDA; 346 else 347 port->ctrl &= ~OHCI_PORT_LSDA; 348 port->port.dev = dev; 349 350 /* notify of remote-wakeup */ 351 if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) 352 ohci_set_interrupt(s, OHCI_INTR_RD); 353 354 /* send the attach message */ 355 usb_send_msg(dev, USB_MSG_ATTACH); 356 dprintf("usb-ohci: Attached port %d\n", port1->index); 357 } else { 358 /* set connect status */ 359 if (port->ctrl & OHCI_PORT_CCS) { 360 port->ctrl &= ~OHCI_PORT_CCS; 361 port->ctrl |= OHCI_PORT_CSC; 362 } 363 /* disable port */ 364 if (port->ctrl & OHCI_PORT_PES) { 365 port->ctrl &= ~OHCI_PORT_PES; 366 port->ctrl |= OHCI_PORT_PESC; 367 } 368 dev = port->port.dev; 369 if (dev) { 370 /* send the detach message */ 371 usb_send_msg(dev, USB_MSG_DETACH); 372 } 373 port->port.dev = NULL; 374 dprintf("usb-ohci: Detached port %d\n", port1->index); 375 } 376 377 if (old_state != port->ctrl) 378 ohci_set_interrupt(s, OHCI_INTR_RHSC); 379} 380 381/* Reset the controller */ 382static void ohci_reset(void *opaque) 383{ 384 OHCIState *ohci = opaque; 385 OHCIPort *port; 386 int i; 387 388 ohci_bus_stop(ohci); 389 ohci->ctl = 0; 390 ohci->old_ctl = 0; 391 ohci->status = 0; 392 ohci->intr_status = 0; 393 ohci->intr = OHCI_INTR_MIE; 394 395 ohci->hcca = 0; 396 ohci->ctrl_head = ohci->ctrl_cur = 0; 397 ohci->bulk_head = ohci->bulk_cur = 0; 398 ohci->per_cur = 0; 399 ohci->done = 0; 400 ohci->done_count = 7; 401 402 /* FSMPS is marked TBD in OCHI 1.0, what gives ffs? 403 * I took the value linux sets ... 404 */ 405 ohci->fsmps = 0x2778; 406 ohci->fi = 0x2edf; 407 ohci->fit = 0; 408 ohci->frt = 0; 409 ohci->frame_number = 0; 410 ohci->pstart = 0; 411 ohci->lst = OHCI_LS_THRESH; 412 413 ohci->rhdesc_a = OHCI_RHA_NPS | ohci->num_ports; 414 ohci->rhdesc_b = 0x0; /* Impl. specific */ 415 ohci->rhstatus = 0; 416 417 for (i = 0; i < ohci->num_ports; i++) 418 { 419 port = &ohci->rhport[i]; 420 port->ctrl = 0; 421 if (port->port.dev) 422 ohci_attach(&port->port, port->port.dev); 423 } 424 if (ohci->async_td) { 425 usb_cancel_packet(&ohci->usb_packet); 426 ohci->async_td = 0; 427 } 428 dprintf("usb-ohci: Reset %s\n", ohci->name); 429} 430 431/* Get an array of dwords from main memory */ 432static inline int get_dwords(OHCIState *ohci, 433 uint32_t addr, uint32_t *buf, int num) 434{ 435 int i; 436 437 addr += ohci->localmem_base; 438 439 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) { 440 cpu_physical_memory_rw(addr, (uint8_t *)buf, sizeof(*buf), 0); 441 *buf = le32_to_cpu(*buf); 442 } 443 444 return 1; 445} 446 447/* Put an array of dwords in to main memory */ 448static inline int put_dwords(OHCIState *ohci, 449 uint32_t addr, uint32_t *buf, int num) 450{ 451 int i; 452 453 addr += ohci->localmem_base; 454 455 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) { 456 uint32_t tmp = cpu_to_le32(*buf); 457 cpu_physical_memory_rw(addr, (uint8_t *)&tmp, sizeof(tmp), 1); 458 } 459 460 return 1; 461} 462 463/* Get an array of words from main memory */ 464static inline int get_words(OHCIState *ohci, 465 uint32_t addr, uint16_t *buf, int num) 466{ 467 int i; 468 469 addr += ohci->localmem_base; 470 471 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) { 472 cpu_physical_memory_rw(addr, (uint8_t *)buf, sizeof(*buf), 0); 473 *buf = le16_to_cpu(*buf); 474 } 475 476 return 1; 477} 478 479/* Put an array of words in to main memory */ 480static inline int put_words(OHCIState *ohci, 481 uint32_t addr, uint16_t *buf, int num) 482{ 483 int i; 484 485 addr += ohci->localmem_base; 486 487 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) { 488 uint16_t tmp = cpu_to_le16(*buf); 489 cpu_physical_memory_rw(addr, (uint8_t *)&tmp, sizeof(tmp), 1); 490 } 491 492 return 1; 493} 494 495static inline int ohci_read_ed(OHCIState *ohci, 496 uint32_t addr, struct ohci_ed *ed) 497{ 498 return get_dwords(ohci, addr, (uint32_t *)ed, sizeof(*ed) >> 2); 499} 500 501static inline int ohci_read_td(OHCIState *ohci, 502 uint32_t addr, struct ohci_td *td) 503{ 504 return get_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2); 505} 506 507static inline int ohci_read_iso_td(OHCIState *ohci, 508 uint32_t addr, struct ohci_iso_td *td) 509{ 510 return (get_dwords(ohci, addr, (uint32_t *)td, 4) && 511 get_words(ohci, addr + 16, td->offset, 8)); 512} 513 514static inline int ohci_read_hcca(OHCIState *ohci, 515 uint32_t addr, struct ohci_hcca *hcca) 516{ 517 cpu_physical_memory_rw(addr + ohci->localmem_base, 518 (uint8_t *)hcca, sizeof(*hcca), 0); 519 return 1; 520} 521 522static inline int ohci_put_ed(OHCIState *ohci, 523 uint32_t addr, struct ohci_ed *ed) 524{ 525 return put_dwords(ohci, addr, (uint32_t *)ed, sizeof(*ed) >> 2); 526} 527 528static inline int ohci_put_td(OHCIState *ohci, 529 uint32_t addr, struct ohci_td *td) 530{ 531 return put_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2); 532} 533 534static inline int ohci_put_iso_td(OHCIState *ohci, 535 uint32_t addr, struct ohci_iso_td *td) 536{ 537 return (put_dwords(ohci, addr, (uint32_t *)td, 4) && 538 put_words(ohci, addr + 16, td->offset, 8)); 539} 540 541static inline int ohci_put_hcca(OHCIState *ohci, 542 uint32_t addr, struct ohci_hcca *hcca) 543{ 544 cpu_physical_memory_rw(addr + ohci->localmem_base, 545 (uint8_t *)hcca, sizeof(*hcca), 1); 546 return 1; 547} 548 549/* Read/Write the contents of a TD from/to main memory. */ 550static void ohci_copy_td(OHCIState *ohci, struct ohci_td *td, 551 uint8_t *buf, int len, int write) 552{ 553 uint32_t ptr; 554 uint32_t n; 555 556 ptr = td->cbp; 557 n = 0x1000 - (ptr & 0xfff); 558 if (n > len) 559 n = len; 560 cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, n, write); 561 if (n == len) 562 return; 563 ptr = td->be & ~0xfffu; 564 buf += n; 565 cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, len - n, write); 566} 567 568/* Read/Write the contents of an ISO TD from/to main memory. */ 569static void ohci_copy_iso_td(OHCIState *ohci, 570 uint32_t start_addr, uint32_t end_addr, 571 uint8_t *buf, int len, int write) 572{ 573 uint32_t ptr; 574 uint32_t n; 575 576 ptr = start_addr; 577 n = 0x1000 - (ptr & 0xfff); 578 if (n > len) 579 n = len; 580 cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, n, write); 581 if (n == len) 582 return; 583 ptr = end_addr & ~0xfffu; 584 buf += n; 585 cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, len - n, write); 586} 587 588static void ohci_process_lists(OHCIState *ohci, int completion); 589 590static void ohci_async_complete_packet(USBPacket *packet, void *opaque) 591{ 592 OHCIState *ohci = opaque; 593#ifdef DEBUG_PACKET 594 dprintf("Async packet complete\n"); 595#endif 596 ohci->async_complete = 1; 597 ohci_process_lists(ohci, 1); 598} 599 600#define USUB(a, b) ((int16_t)((uint16_t)(a) - (uint16_t)(b))) 601 602static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed, 603 int completion) 604{ 605 int dir; 606 size_t len = 0; 607 const char *str = NULL; 608 int pid; 609 int ret; 610 int i; 611 USBDevice *dev; 612 struct ohci_iso_td iso_td; 613 uint32_t addr; 614 uint16_t starting_frame; 615 int16_t relative_frame_number; 616 int frame_count; 617 uint32_t start_offset, next_offset, end_offset = 0; 618 uint32_t start_addr, end_addr; 619 620 addr = ed->head & OHCI_DPTR_MASK; 621 622 if (!ohci_read_iso_td(ohci, addr, &iso_td)) { 623 printf("usb-ohci: ISO_TD read error at %x\n", addr); 624 return 0; 625 } 626 627 starting_frame = OHCI_BM(iso_td.flags, TD_SF); 628 frame_count = OHCI_BM(iso_td.flags, TD_FC); 629 relative_frame_number = USUB(ohci->frame_number, starting_frame); 630 631#ifdef DEBUG_ISOCH 632 printf("--- ISO_TD ED head 0x%.8x tailp 0x%.8x\n" 633 "0x%.8x 0x%.8x 0x%.8x 0x%.8x\n" 634 "0x%.8x 0x%.8x 0x%.8x 0x%.8x\n" 635 "0x%.8x 0x%.8x 0x%.8x 0x%.8x\n" 636 "frame_number 0x%.8x starting_frame 0x%.8x\n" 637 "frame_count 0x%.8x relative %d\n" 638 "di 0x%.8x cc 0x%.8x\n", 639 ed->head & OHCI_DPTR_MASK, ed->tail & OHCI_DPTR_MASK, 640 iso_td.flags, iso_td.bp, iso_td.next, iso_td.be, 641 iso_td.offset[0], iso_td.offset[1], iso_td.offset[2], iso_td.offset[3], 642 iso_td.offset[4], iso_td.offset[5], iso_td.offset[6], iso_td.offset[7], 643 ohci->frame_number, starting_frame, 644 frame_count, relative_frame_number, 645 OHCI_BM(iso_td.flags, TD_DI), OHCI_BM(iso_td.flags, TD_CC)); 646#endif 647 648 if (relative_frame_number < 0) { 649 dprintf("usb-ohci: ISO_TD R=%d < 0\n", relative_frame_number); 650 return 1; 651 } else if (relative_frame_number > frame_count) { 652 /* ISO TD expired - retire the TD to the Done Queue and continue with 653 the next ISO TD of the same ED */ 654 dprintf("usb-ohci: ISO_TD R=%d > FC=%d\n", relative_frame_number, 655 frame_count); 656 OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_DATAOVERRUN); 657 ed->head &= ~OHCI_DPTR_MASK; 658 ed->head |= (iso_td.next & OHCI_DPTR_MASK); 659 iso_td.next = ohci->done; 660 ohci->done = addr; 661 i = OHCI_BM(iso_td.flags, TD_DI); 662 if (i < ohci->done_count) 663 ohci->done_count = i; 664 ohci_put_iso_td(ohci, addr, &iso_td); 665 return 0; 666 } 667 668 dir = OHCI_BM(ed->flags, ED_D); 669 switch (dir) { 670 case OHCI_TD_DIR_IN: 671 str = "in"; 672 pid = USB_TOKEN_IN; 673 break; 674 case OHCI_TD_DIR_OUT: 675 str = "out"; 676 pid = USB_TOKEN_OUT; 677 break; 678 case OHCI_TD_DIR_SETUP: 679 str = "setup"; 680 pid = USB_TOKEN_SETUP; 681 break; 682 default: 683 printf("usb-ohci: Bad direction %d\n", dir); 684 return 1; 685 } 686 687 if (!iso_td.bp || !iso_td.be) { 688 printf("usb-ohci: ISO_TD bp 0x%.8x be 0x%.8x\n", iso_td.bp, iso_td.be); 689 return 1; 690 } 691 692 start_offset = iso_td.offset[relative_frame_number]; 693 next_offset = iso_td.offset[relative_frame_number + 1]; 694 695 if (!(OHCI_BM(start_offset, TD_PSW_CC) & 0xe) || 696 ((relative_frame_number < frame_count) && 697 !(OHCI_BM(next_offset, TD_PSW_CC) & 0xe))) { 698 printf("usb-ohci: ISO_TD cc != not accessed 0x%.8x 0x%.8x\n", 699 start_offset, next_offset); 700 return 1; 701 } 702 703 if ((relative_frame_number < frame_count) && (start_offset > next_offset)) { 704 printf("usb-ohci: ISO_TD start_offset=0x%.8x > next_offset=0x%.8x\n", 705 start_offset, next_offset); 706 return 1; 707 } 708 709 if ((start_offset & 0x1000) == 0) { 710 start_addr = (iso_td.bp & OHCI_PAGE_MASK) | 711 (start_offset & OHCI_OFFSET_MASK); 712 } else { 713 start_addr = (iso_td.be & OHCI_PAGE_MASK) | 714 (start_offset & OHCI_OFFSET_MASK); 715 } 716 717 if (relative_frame_number < frame_count) { 718 end_offset = next_offset - 1; 719 if ((end_offset & 0x1000) == 0) { 720 end_addr = (iso_td.bp & OHCI_PAGE_MASK) | 721 (end_offset & OHCI_OFFSET_MASK); 722 } else { 723 end_addr = (iso_td.be & OHCI_PAGE_MASK) | 724 (end_offset & OHCI_OFFSET_MASK); 725 } 726 } else { 727 /* Last packet in the ISO TD */ 728 end_addr = iso_td.be; 729 } 730 731 if ((start_addr & OHCI_PAGE_MASK) != (end_addr & OHCI_PAGE_MASK)) { 732 len = (end_addr & OHCI_OFFSET_MASK) + 0x1001 733 - (start_addr & OHCI_OFFSET_MASK); 734 } else { 735 len = end_addr - start_addr + 1; 736 } 737 738 if (len && dir != OHCI_TD_DIR_IN) { 739 ohci_copy_iso_td(ohci, start_addr, end_addr, ohci->usb_buf, len, 0); 740 } 741 742 if (completion) { 743 ret = ohci->usb_packet.len; 744 } else { 745 ret = USB_RET_NODEV; 746 for (i = 0; i < ohci->num_ports; i++) { 747 dev = ohci->rhport[i].port.dev; 748 if ((ohci->rhport[i].ctrl & OHCI_PORT_PES) == 0) 749 continue; 750 ohci->usb_packet.pid = pid; 751 ohci->usb_packet.devaddr = OHCI_BM(ed->flags, ED_FA); 752 ohci->usb_packet.devep = OHCI_BM(ed->flags, ED_EN); 753 ohci->usb_packet.data = ohci->usb_buf; 754 ohci->usb_packet.len = len; 755 ohci->usb_packet.complete_cb = ohci_async_complete_packet; 756 ohci->usb_packet.complete_opaque = ohci; 757 ret = dev->handle_packet(dev, &ohci->usb_packet); 758 if (ret != USB_RET_NODEV) 759 break; 760 } 761 762 if (ret == USB_RET_ASYNC) { 763 return 1; 764 } 765 } 766 767#ifdef DEBUG_ISOCH 768 printf("so 0x%.8x eo 0x%.8x\nsa 0x%.8x ea 0x%.8x\ndir %s len %zu ret %d\n", 769 start_offset, end_offset, start_addr, end_addr, str, len, ret); 770#endif 771 772 /* Writeback */ 773 if (dir == OHCI_TD_DIR_IN && ret >= 0 && ret <= len) { 774 /* IN transfer succeeded */ 775 ohci_copy_iso_td(ohci, start_addr, end_addr, ohci->usb_buf, ret, 1); 776 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC, 777 OHCI_CC_NOERROR); 778 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, ret); 779 } else if (dir == OHCI_TD_DIR_OUT && ret == len) { 780 /* OUT transfer succeeded */ 781 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC, 782 OHCI_CC_NOERROR); 783 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, 0); 784 } else { 785 if (ret > (ssize_t) len) { 786 printf("usb-ohci: DataOverrun %d > %zu\n", ret, len); 787 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC, 788 OHCI_CC_DATAOVERRUN); 789 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, 790 len); 791 } else if (ret >= 0) { 792 printf("usb-ohci: DataUnderrun %d\n", ret); 793 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC, 794 OHCI_CC_DATAUNDERRUN); 795 } else { 796 switch (ret) { 797 case USB_RET_NODEV: 798 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC, 799 OHCI_CC_DEVICENOTRESPONDING); 800 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, 801 0); 802 break; 803 case USB_RET_NAK: 804 case USB_RET_STALL: 805 printf("usb-ohci: got NAK/STALL %d\n", ret); 806 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC, 807 OHCI_CC_STALL); 808 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, 809 0); 810 break; 811 default: 812 printf("usb-ohci: Bad device response %d\n", ret); 813 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC, 814 OHCI_CC_UNDEXPETEDPID); 815 break; 816 } 817 } 818 } 819 820 if (relative_frame_number == frame_count) { 821 /* Last data packet of ISO TD - retire the TD to the Done Queue */ 822 OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_NOERROR); 823 ed->head &= ~OHCI_DPTR_MASK; 824 ed->head |= (iso_td.next & OHCI_DPTR_MASK); 825 iso_td.next = ohci->done; 826 ohci->done = addr; 827 i = OHCI_BM(iso_td.flags, TD_DI); 828 if (i < ohci->done_count) 829 ohci->done_count = i; 830 } 831 ohci_put_iso_td(ohci, addr, &iso_td); 832 return 1; 833} 834 835/* Service a transport descriptor. 836 Returns nonzero to terminate processing of this endpoint. */ 837 838static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed) 839{ 840 int dir; 841 size_t len = 0; 842 const char *str = NULL; 843 int pid; 844 int ret; 845 int i; 846 USBDevice *dev; 847 struct ohci_td td; 848 uint32_t addr; 849 int flag_r; 850 int completion; 851 852 addr = ed->head & OHCI_DPTR_MASK; 853 /* See if this TD has already been submitted to the device. */ 854 completion = (addr == ohci->async_td); 855 if (completion && !ohci->async_complete) { 856#ifdef DEBUG_PACKET 857 dprintf("Skipping async TD\n"); 858#endif 859 return 1; 860 } 861 if (!ohci_read_td(ohci, addr, &td)) { 862 fprintf(stderr, "usb-ohci: TD read error at %x\n", addr); 863 return 0; 864 } 865 866 dir = OHCI_BM(ed->flags, ED_D); 867 switch (dir) { 868 case OHCI_TD_DIR_OUT: 869 case OHCI_TD_DIR_IN: 870 /* Same value. */ 871 break; 872 default: 873 dir = OHCI_BM(td.flags, TD_DP); 874 break; 875 } 876 877 switch (dir) { 878 case OHCI_TD_DIR_IN: 879 str = "in"; 880 pid = USB_TOKEN_IN; 881 break; 882 case OHCI_TD_DIR_OUT: 883 str = "out"; 884 pid = USB_TOKEN_OUT; 885 break; 886 case OHCI_TD_DIR_SETUP: 887 str = "setup"; 888 pid = USB_TOKEN_SETUP; 889 break; 890 default: 891 fprintf(stderr, "usb-ohci: Bad direction\n"); 892 return 1; 893 } 894 if (td.cbp && td.be) { 895 if ((td.cbp & 0xfffff000) != (td.be & 0xfffff000)) { 896 len = (td.be & 0xfff) + 0x1001 - (td.cbp & 0xfff); 897 } else { 898 len = (td.be - td.cbp) + 1; 899 } 900 901 if (len && dir != OHCI_TD_DIR_IN && !completion) { 902 ohci_copy_td(ohci, &td, ohci->usb_buf, len, 0); 903 } 904 } 905 906 flag_r = (td.flags & OHCI_TD_R) != 0; 907#ifdef DEBUG_PACKET 908 dprintf(" TD @ 0x%.8x %u bytes %s r=%d cbp=0x%.8x be=0x%.8x\n", 909 addr, len, str, flag_r, td.cbp, td.be); 910 911 if (len > 0 && dir != OHCI_TD_DIR_IN) { 912 dprintf(" data:"); 913 for (i = 0; i < len; i++) 914 printf(" %.2x", ohci->usb_buf[i]); 915 dprintf("\n"); 916 } 917#endif 918 if (completion) { 919 ret = ohci->usb_packet.len; 920 ohci->async_td = 0; 921 ohci->async_complete = 0; 922 } else { 923 ret = USB_RET_NODEV; 924 for (i = 0; i < ohci->num_ports; i++) { 925 dev = ohci->rhport[i].port.dev; 926 if ((ohci->rhport[i].ctrl & OHCI_PORT_PES) == 0) 927 continue; 928 929 if (ohci->async_td) { 930 /* ??? The hardware should allow one active packet per 931 endpoint. We only allow one active packet per controller. 932 This should be sufficient as long as devices respond in a 933 timely manner. 934 */ 935#ifdef DEBUG_PACKET 936 dprintf("Too many pending packets\n"); 937#endif 938 return 1; 939 } 940 ohci->usb_packet.pid = pid; 941 ohci->usb_packet.devaddr = OHCI_BM(ed->flags, ED_FA); 942 ohci->usb_packet.devep = OHCI_BM(ed->flags, ED_EN); 943 ohci->usb_packet.data = ohci->usb_buf; 944 ohci->usb_packet.len = len; 945 ohci->usb_packet.complete_cb = ohci_async_complete_packet; 946 ohci->usb_packet.complete_opaque = ohci; 947 ret = dev->handle_packet(dev, &ohci->usb_packet); 948 if (ret != USB_RET_NODEV) 949 break; 950 } 951#ifdef DEBUG_PACKET 952 dprintf("ret=%d\n", ret); 953#endif 954 if (ret == USB_RET_ASYNC) { 955 ohci->async_td = addr; 956 return 1; 957 } 958 } 959 if (ret >= 0) { 960 if (dir == OHCI_TD_DIR_IN) { 961 ohci_copy_td(ohci, &td, ohci->usb_buf, ret, 1); 962#ifdef DEBUG_PACKET 963 dprintf(" data:"); 964 for (i = 0; i < ret; i++) 965 printf(" %.2x", ohci->usb_buf[i]); 966 dprintf("\n"); 967#endif 968 } else { 969 ret = len; 970 } 971 } 972 973 /* Writeback */ 974 if (ret == len || (dir == OHCI_TD_DIR_IN && ret >= 0 && flag_r)) { 975 /* Transmission succeeded. */ 976 if (ret == len) { 977 td.cbp = 0; 978 } else { 979 td.cbp += ret; 980 if ((td.cbp & 0xfff) + ret > 0xfff) { 981 td.cbp &= 0xfff; 982 td.cbp |= td.be & ~0xfff; 983 } 984 } 985 td.flags |= OHCI_TD_T1; 986 td.flags ^= OHCI_TD_T0; 987 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_NOERROR); 988 OHCI_SET_BM(td.flags, TD_EC, 0); 989 990 ed->head &= ~OHCI_ED_C; 991 if (td.flags & OHCI_TD_T0) 992 ed->head |= OHCI_ED_C; 993 } else { 994 if (ret >= 0) { 995 dprintf("usb-ohci: Underrun\n"); 996 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAUNDERRUN); 997 } else { 998 switch (ret) { 999 case USB_RET_NODEV: 1000 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DEVICENOTRESPONDING); 1001 case USB_RET_NAK: 1002 dprintf("usb-ohci: got NAK\n"); 1003 return 1; 1004 case USB_RET_STALL: 1005 dprintf("usb-ohci: got STALL\n"); 1006 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_STALL); 1007 break; 1008 case USB_RET_BABBLE: 1009 dprintf("usb-ohci: got BABBLE\n"); 1010 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAOVERRUN); 1011 break; 1012 default: 1013 fprintf(stderr, "usb-ohci: Bad device response %d\n", ret); 1014 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_UNDEXPETEDPID); 1015 OHCI_SET_BM(td.flags, TD_EC, 3); 1016 break; 1017 } 1018 } 1019 ed->head |= OHCI_ED_H; 1020 } 1021 1022 /* Retire this TD */ 1023 ed->head &= ~OHCI_DPTR_MASK; 1024 ed->head |= td.next & OHCI_DPTR_MASK; 1025 td.next = ohci->done; 1026 ohci->done = addr; 1027 i = OHCI_BM(td.flags, TD_DI); 1028 if (i < ohci->done_count) 1029 ohci->done_count = i; 1030 ohci_put_td(ohci, addr, &td); 1031 return OHCI_BM(td.flags, TD_CC) != OHCI_CC_NOERROR; 1032} 1033 1034/* Service an endpoint list. Returns nonzero if active TD were found. */ 1035static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion) 1036{ 1037 struct ohci_ed ed; 1038 uint32_t next_ed; 1039 uint32_t cur; 1040 int active; 1041 1042 active = 0; 1043 1044 if (head == 0) 1045 return 0; 1046 1047 for (cur = head; cur; cur = next_ed) { 1048 if (!ohci_read_ed(ohci, cur, &ed)) { 1049 fprintf(stderr, "usb-ohci: ED read error at %x\n", cur); 1050 return 0; 1051 } 1052 1053 next_ed = ed.next & OHCI_DPTR_MASK; 1054 1055 if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) { 1056 uint32_t addr; 1057 /* Cancel pending packets for ED that have been paused. */ 1058 addr = ed.head & OHCI_DPTR_MASK; 1059 if (ohci->async_td && addr == ohci->async_td) { 1060 usb_cancel_packet(&ohci->usb_packet); 1061 ohci->async_td = 0; 1062 } 1063 continue; 1064 } 1065 1066 while ((ed.head & OHCI_DPTR_MASK) != ed.tail) { 1067#ifdef DEBUG_PACKET 1068 dprintf("ED @ 0x%.8x fa=%u en=%u d=%u s=%u k=%u f=%u mps=%u " 1069 "h=%u c=%u\n head=0x%.8x tailp=0x%.8x next=0x%.8x\n", cur, 1070 OHCI_BM(ed.flags, ED_FA), OHCI_BM(ed.flags, ED_EN), 1071 OHCI_BM(ed.flags, ED_D), (ed.flags & OHCI_ED_S)!= 0, 1072 (ed.flags & OHCI_ED_K) != 0, (ed.flags & OHCI_ED_F) != 0, 1073 OHCI_BM(ed.flags, ED_MPS), (ed.head & OHCI_ED_H) != 0, 1074 (ed.head & OHCI_ED_C) != 0, ed.head & OHCI_DPTR_MASK, 1075 ed.tail & OHCI_DPTR_MASK, ed.next & OHCI_DPTR_MASK); 1076#endif 1077 active = 1; 1078 1079 if ((ed.flags & OHCI_ED_F) == 0) { 1080 if (ohci_service_td(ohci, &ed)) 1081 break; 1082 } else { 1083 /* Handle isochronous endpoints */ 1084 if (ohci_service_iso_td(ohci, &ed, completion)) 1085 break; 1086 } 1087 } 1088 1089 ohci_put_ed(ohci, cur, &ed); 1090 } 1091 1092 return active; 1093} 1094 1095/* Generate a SOF event, and set a timer for EOF */ 1096static void ohci_sof(OHCIState *ohci) 1097{ 1098 ohci->sof_time = qemu_get_clock_ns(vm_clock); 1099 qemu_mod_timer(ohci->eof_timer, ohci->sof_time + usb_frame_time); 1100 ohci_set_interrupt(ohci, OHCI_INTR_SF); 1101} 1102 1103/* Process Control and Bulk lists. */ 1104static void ohci_process_lists(OHCIState *ohci, int completion) 1105{ 1106 if ((ohci->ctl & OHCI_CTL_CLE) && (ohci->status & OHCI_STATUS_CLF)) { 1107 if (ohci->ctrl_cur && ohci->ctrl_cur != ohci->ctrl_head) 1108 dprintf("usb-ohci: head %x, cur %x\n", 1109 ohci->ctrl_head, ohci->ctrl_cur); 1110 if (!ohci_service_ed_list(ohci, ohci->ctrl_head, completion)) { 1111 ohci->ctrl_cur = 0; 1112 ohci->status &= ~OHCI_STATUS_CLF; 1113 } 1114 } 1115 1116 if ((ohci->ctl & OHCI_CTL_BLE) && (ohci->status & OHCI_STATUS_BLF)) { 1117 if (!ohci_service_ed_list(ohci, ohci->bulk_head, completion)) { 1118 ohci->bulk_cur = 0; 1119 ohci->status &= ~OHCI_STATUS_BLF; 1120 } 1121 } 1122} 1123 1124/* Do frame processing on frame boundary */ 1125static void ohci_frame_boundary(void *opaque) 1126{ 1127 OHCIState *ohci = opaque; 1128 struct ohci_hcca hcca; 1129 1130 ohci_read_hcca(ohci, ohci->hcca, &hcca); 1131 1132 /* Process all the lists at the end of the frame */ 1133 if (ohci->ctl & OHCI_CTL_PLE) { 1134 int n; 1135 1136 n = ohci->frame_number & 0x1f; 1137 ohci_service_ed_list(ohci, le32_to_cpu(hcca.intr[n]), 0); 1138 } 1139 1140 /* Cancel all pending packets if either of the lists has been disabled. */ 1141 if (ohci->async_td && 1142 ohci->old_ctl & (~ohci->ctl) & (OHCI_CTL_BLE | OHCI_CTL_CLE)) { 1143 usb_cancel_packet(&ohci->usb_packet); 1144 ohci->async_td = 0; 1145 } 1146 ohci->old_ctl = ohci->ctl; 1147 ohci_process_lists(ohci, 0); 1148 1149 /* Frame boundary, so do EOF stuf here */ 1150 ohci->frt = ohci->fit; 1151 1152 /* XXX: endianness */ 1153 ohci->frame_number = (ohci->frame_number + 1) & 0xffff; 1154 hcca.frame = cpu_to_le32(ohci->frame_number); 1155 1156 if (ohci->done_count == 0 && !(ohci->intr_status & OHCI_INTR_WD)) { 1157 if (!ohci->done) 1158 abort(); 1159 if (ohci->intr & ohci->intr_status) 1160 ohci->done |= 1; 1161 hcca.done = cpu_to_le32(ohci->done); 1162 ohci->done = 0; 1163 ohci->done_count = 7; 1164 ohci_set_interrupt(ohci, OHCI_INTR_WD); 1165 } 1166 1167 if (ohci->done_count != 7 && ohci->done_count != 0) 1168 ohci->done_count--; 1169 1170 /* Do SOF stuff here */ 1171 ohci_sof(ohci); 1172 1173 /* Writeback HCCA */ 1174 ohci_put_hcca(ohci, ohci->hcca, &hcca); 1175} 1176 1177/* Start sending SOF tokens across the USB bus, lists are processed in 1178 * next frame 1179 */ 1180static int ohci_bus_start(OHCIState *ohci) 1181{ 1182 ohci->eof_timer = qemu_new_timer_ns(vm_clock, 1183 ohci_frame_boundary, 1184 ohci); 1185 1186 if (ohci->eof_timer == NULL) { 1187 fprintf(stderr, "usb-ohci: %s: qemu_new_timer_ns failed\n", ohci->name); 1188 /* TODO: Signal unrecoverable error */ 1189 return 0; 1190 } 1191 1192 dprintf("usb-ohci: %s: USB Operational\n", ohci->name); 1193 1194 ohci_sof(ohci); 1195 1196 return 1; 1197} 1198 1199/* Stop sending SOF tokens on the bus */ 1200static void ohci_bus_stop(OHCIState *ohci) 1201{ 1202 if (ohci->eof_timer) 1203 qemu_del_timer(ohci->eof_timer); 1204 ohci->eof_timer = NULL; 1205} 1206 1207/* Sets a flag in a port status register but only set it if the port is 1208 * connected, if not set ConnectStatusChange flag. If flag is enabled 1209 * return 1. 1210 */ 1211static int ohci_port_set_if_connected(OHCIState *ohci, int i, uint32_t val) 1212{ 1213 int ret = 1; 1214 1215 /* writing a 0 has no effect */ 1216 if (val == 0) 1217 return 0; 1218 1219 /* If CurrentConnectStatus is cleared we set 1220 * ConnectStatusChange 1221 */ 1222 if (!(ohci->rhport[i].ctrl & OHCI_PORT_CCS)) { 1223 ohci->rhport[i].ctrl |= OHCI_PORT_CSC; 1224 if (ohci->rhstatus & OHCI_RHS_DRWE) { 1225 /* TODO: CSC is a wakeup event */ 1226 } 1227 return 0; 1228 } 1229 1230 if (ohci->rhport[i].ctrl & val) 1231 ret = 0; 1232 1233 /* set the bit */ 1234 ohci->rhport[i].ctrl |= val; 1235 1236 return ret; 1237} 1238 1239/* Set the frame interval - frame interval toggle is manipulated by the hcd only */ 1240static void ohci_set_frame_interval(OHCIState *ohci, uint16_t val) 1241{ 1242 val &= OHCI_FMI_FI; 1243 1244 if (val != ohci->fi) { 1245 dprintf("usb-ohci: %s: FrameInterval = 0x%x (%u)\n", 1246 ohci->name, ohci->fi, ohci->fi); 1247 } 1248 1249 ohci->fi = val; 1250} 1251 1252static void ohci_port_power(OHCIState *ohci, int i, int p) 1253{ 1254 if (p) { 1255 ohci->rhport[i].ctrl |= OHCI_PORT_PPS; 1256 } else { 1257 ohci->rhport[i].ctrl &= ~(OHCI_PORT_PPS| 1258 OHCI_PORT_CCS| 1259 OHCI_PORT_PSS| 1260 OHCI_PORT_PRS); 1261 } 1262} 1263 1264/* Set HcControlRegister */ 1265static void ohci_set_ctl(OHCIState *ohci, uint32_t val) 1266{ 1267 uint32_t old_state; 1268 uint32_t new_state; 1269 1270 old_state = ohci->ctl & OHCI_CTL_HCFS; 1271 ohci->ctl = val; 1272 new_state = ohci->ctl & OHCI_CTL_HCFS; 1273 1274 /* no state change */ 1275 if (old_state == new_state) 1276 return; 1277 1278 switch (new_state) { 1279 case OHCI_USB_OPERATIONAL: 1280 ohci_bus_start(ohci); 1281 break; 1282 case OHCI_USB_SUSPEND: 1283 ohci_bus_stop(ohci); 1284 dprintf("usb-ohci: %s: USB Suspended\n", ohci->name); 1285 break; 1286 case OHCI_USB_RESUME: 1287 dprintf("usb-ohci: %s: USB Resume\n", ohci->name); 1288 break; 1289 case OHCI_USB_RESET: 1290 ohci_reset(ohci); 1291 dprintf("usb-ohci: %s: USB Reset\n", ohci->name); 1292 break; 1293 } 1294} 1295 1296static uint32_t ohci_get_frame_remaining(OHCIState *ohci) 1297{ 1298 uint16_t fr; 1299 int64_t tks; 1300 1301 if ((ohci->ctl & OHCI_CTL_HCFS) != OHCI_USB_OPERATIONAL) 1302 return (ohci->frt << 31); 1303 1304 /* Being in USB operational state guarnatees sof_time was 1305 * set already. 1306 */ 1307 tks = qemu_get_clock_ns(vm_clock) - ohci->sof_time; 1308 1309 /* avoid muldiv if possible */ 1310 if (tks >= usb_frame_time) 1311 return (ohci->frt << 31); 1312 1313 tks = muldiv64(1, tks, usb_bit_time); 1314 fr = (uint16_t)(ohci->fi - tks); 1315 1316 return (ohci->frt << 31) | fr; 1317} 1318 1319 1320/* Set root hub status */ 1321static void ohci_set_hub_status(OHCIState *ohci, uint32_t val) 1322{ 1323 uint32_t old_state; 1324 1325 old_state = ohci->rhstatus; 1326 1327 /* write 1 to clear OCIC */ 1328 if (val & OHCI_RHS_OCIC) 1329 ohci->rhstatus &= ~OHCI_RHS_OCIC; 1330 1331 if (val & OHCI_RHS_LPS) { 1332 int i; 1333 1334 for (i = 0; i < ohci->num_ports; i++) 1335 ohci_port_power(ohci, i, 0); 1336 dprintf("usb-ohci: powered down all ports\n"); 1337 } 1338 1339 if (val & OHCI_RHS_LPSC) { 1340 int i; 1341 1342 for (i = 0; i < ohci->num_ports; i++) 1343 ohci_port_power(ohci, i, 1); 1344 dprintf("usb-ohci: powered up all ports\n"); 1345 } 1346 1347 if (val & OHCI_RHS_DRWE) 1348 ohci->rhstatus |= OHCI_RHS_DRWE; 1349 1350 if (val & OHCI_RHS_CRWE) 1351 ohci->rhstatus &= ~OHCI_RHS_DRWE; 1352 1353 if (old_state != ohci->rhstatus) 1354 ohci_set_interrupt(ohci, OHCI_INTR_RHSC); 1355} 1356 1357/* Set root hub port status */ 1358static void ohci_port_set_status(OHCIState *ohci, int portnum, uint32_t val) 1359{ 1360 uint32_t old_state; 1361 OHCIPort *port; 1362 1363 port = &ohci->rhport[portnum]; 1364 old_state = port->ctrl; 1365 1366 /* Write to clear CSC, PESC, PSSC, OCIC, PRSC */ 1367 if (val & OHCI_PORT_WTC) 1368 port->ctrl &= ~(val & OHCI_PORT_WTC); 1369 1370 if (val & OHCI_PORT_CCS) 1371 port->ctrl &= ~OHCI_PORT_PES; 1372 1373 ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PES); 1374 1375 if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PSS)) 1376 dprintf("usb-ohci: port %d: SUSPEND\n", portnum); 1377 1378 if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PRS)) { 1379 dprintf("usb-ohci: port %d: RESET\n", portnum); 1380 usb_send_msg(port->port.dev, USB_MSG_RESET); 1381 port->ctrl &= ~OHCI_PORT_PRS; 1382 /* ??? Should this also set OHCI_PORT_PESC. */ 1383 port->ctrl |= OHCI_PORT_PES | OHCI_PORT_PRSC; 1384 } 1385 1386 /* Invert order here to ensure in ambiguous case, device is 1387 * powered up... 1388 */ 1389 if (val & OHCI_PORT_LSDA) 1390 ohci_port_power(ohci, portnum, 0); 1391 if (val & OHCI_PORT_PPS) 1392 ohci_port_power(ohci, portnum, 1); 1393 1394 if (old_state != port->ctrl) 1395 ohci_set_interrupt(ohci, OHCI_INTR_RHSC); 1396 1397 return; 1398} 1399 1400static uint32_t ohci_mem_read(void *ptr, target_phys_addr_t addr) 1401{ 1402 OHCIState *ohci = ptr; 1403 uint32_t retval; 1404 1405 /* Only aligned reads are allowed on OHCI */ 1406 if (addr & 3) { 1407 fprintf(stderr, "usb-ohci: Mis-aligned read\n"); 1408 return 0xffffffff; 1409 } else if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) { 1410 /* HcRhPortStatus */ 1411 retval = ohci->rhport[(addr - 0x54) >> 2].ctrl | OHCI_PORT_PPS; 1412 } else { 1413 switch (addr >> 2) { 1414 case 0: /* HcRevision */ 1415 retval = 0x10; 1416 break; 1417 1418 case 1: /* HcControl */ 1419 retval = ohci->ctl; 1420 break; 1421 1422 case 2: /* HcCommandStatus */ 1423 retval = ohci->status; 1424 break; 1425 1426 case 3: /* HcInterruptStatus */ 1427 retval = ohci->intr_status; 1428 break; 1429 1430 case 4: /* HcInterruptEnable */ 1431 case 5: /* HcInterruptDisable */ 1432 retval = ohci->intr; 1433 break; 1434 1435 case 6: /* HcHCCA */ 1436 retval = ohci->hcca; 1437 break; 1438 1439 case 7: /* HcPeriodCurrentED */ 1440 retval = ohci->per_cur; 1441 break; 1442 1443 case 8: /* HcControlHeadED */ 1444 retval = ohci->ctrl_head; 1445 break; 1446 1447 case 9: /* HcControlCurrentED */ 1448 retval = ohci->ctrl_cur; 1449 break; 1450 1451 case 10: /* HcBulkHeadED */ 1452 retval = ohci->bulk_head; 1453 break; 1454 1455 case 11: /* HcBulkCurrentED */ 1456 retval = ohci->bulk_cur; 1457 break; 1458 1459 case 12: /* HcDoneHead */ 1460 retval = ohci->done; 1461 break; 1462 1463 case 13: /* HcFmInterretval */ 1464 retval = (ohci->fit << 31) | (ohci->fsmps << 16) | (ohci->fi); 1465 break; 1466 1467 case 14: /* HcFmRemaining */ 1468 retval = ohci_get_frame_remaining(ohci); 1469 break; 1470 1471 case 15: /* HcFmNumber */ 1472 retval = ohci->frame_number; 1473 break; 1474 1475 case 16: /* HcPeriodicStart */ 1476 retval = ohci->pstart; 1477 break; 1478 1479 case 17: /* HcLSThreshold */ 1480 retval = ohci->lst; 1481 break; 1482 1483 case 18: /* HcRhDescriptorA */ 1484 retval = ohci->rhdesc_a; 1485 break; 1486 1487 case 19: /* HcRhDescriptorB */ 1488 retval = ohci->rhdesc_b; 1489 break; 1490 1491 case 20: /* HcRhStatus */ 1492 retval = ohci->rhstatus; 1493 break; 1494 1495 /* PXA27x specific registers */ 1496 case 24: /* HcStatus */ 1497 retval = ohci->hstatus & ohci->hmask; 1498 break; 1499 1500 case 25: /* HcHReset */ 1501 retval = ohci->hreset; 1502 break; 1503 1504 case 26: /* HcHInterruptEnable */ 1505 retval = ohci->hmask; 1506 break; 1507 1508 case 27: /* HcHInterruptTest */ 1509 retval = ohci->htest; 1510 break; 1511 1512 default: 1513 fprintf(stderr, "ohci_read: Bad offset %x\n", (int)addr); 1514 retval = 0xffffffff; 1515 } 1516 } 1517 1518#ifdef TARGET_WORDS_BIGENDIAN 1519 retval = bswap32(retval); 1520#endif 1521 return retval; 1522} 1523 1524static void ohci_mem_write(void *ptr, target_phys_addr_t addr, uint32_t val) 1525{ 1526 OHCIState *ohci = ptr; 1527 1528#ifdef TARGET_WORDS_BIGENDIAN 1529 val = bswap32(val); 1530#endif 1531 1532 /* Only aligned reads are allowed on OHCI */ 1533 if (addr & 3) { 1534 fprintf(stderr, "usb-ohci: Mis-aligned write\n"); 1535 return; 1536 } 1537 1538 if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) { 1539 /* HcRhPortStatus */ 1540 ohci_port_set_status(ohci, (addr - 0x54) >> 2, val); 1541 return; 1542 } 1543 1544 switch (addr >> 2) { 1545 case 1: /* HcControl */ 1546 ohci_set_ctl(ohci, val); 1547 break; 1548 1549 case 2: /* HcCommandStatus */ 1550 /* SOC is read-only */ 1551 val = (val & ~OHCI_STATUS_SOC); 1552 1553 /* Bits written as '0' remain unchanged in the register */ 1554 ohci->status |= val; 1555 1556 if (ohci->status & OHCI_STATUS_HCR) 1557 ohci_reset(ohci); 1558 break; 1559 1560 case 3: /* HcInterruptStatus */ 1561 ohci->intr_status &= ~val; 1562 ohci_intr_update(ohci); 1563 break; 1564 1565 case 4: /* HcInterruptEnable */ 1566 ohci->intr |= val; 1567 ohci_intr_update(ohci); 1568 break; 1569 1570 case 5: /* HcInterruptDisable */ 1571 ohci->intr &= ~val; 1572 ohci_intr_update(ohci); 1573 break; 1574 1575 case 6: /* HcHCCA */ 1576 ohci->hcca = val & OHCI_HCCA_MASK; 1577 break; 1578 1579 case 8: /* HcControlHeadED */ 1580 ohci->ctrl_head = val & OHCI_EDPTR_MASK; 1581 break; 1582 1583 case 9: /* HcControlCurrentED */ 1584 ohci->ctrl_cur = val & OHCI_EDPTR_MASK; 1585 break; 1586 1587 case 10: /* HcBulkHeadED */ 1588 ohci->bulk_head = val & OHCI_EDPTR_MASK; 1589 break; 1590 1591 case 11: /* HcBulkCurrentED */ 1592 ohci->bulk_cur = val & OHCI_EDPTR_MASK; 1593 break; 1594 1595 case 13: /* HcFmInterval */ 1596 ohci->fsmps = (val & OHCI_FMI_FSMPS) >> 16; 1597 ohci->fit = (val & OHCI_FMI_FIT) >> 31; 1598 ohci_set_frame_interval(ohci, val); 1599 break; 1600 1601 case 15: /* HcFmNumber */ 1602 break; 1603 1604 case 16: /* HcPeriodicStart */ 1605 ohci->pstart = val & 0xffff; 1606 break; 1607 1608 case 17: /* HcLSThreshold */ 1609 ohci->lst = val & 0xffff; 1610 break; 1611 1612 case 18: /* HcRhDescriptorA */ 1613 ohci->rhdesc_a &= ~OHCI_RHA_RW_MASK; 1614 ohci->rhdesc_a |= val & OHCI_RHA_RW_MASK; 1615 break; 1616 1617 case 19: /* HcRhDescriptorB */ 1618 break; 1619 1620 case 20: /* HcRhStatus */ 1621 ohci_set_hub_status(ohci, val); 1622 break; 1623 1624 /* PXA27x specific registers */ 1625 case 24: /* HcStatus */ 1626 ohci->hstatus &= ~(val & ohci->hmask); 1627 1628 case 25: /* HcHReset */ 1629 ohci->hreset = val & ~OHCI_HRESET_FSBIR; 1630 if (val & OHCI_HRESET_FSBIR) 1631 ohci_reset(ohci); 1632 break; 1633 1634 case 26: /* HcHInterruptEnable */ 1635 ohci->hmask = val; 1636 break; 1637 1638 case 27: /* HcHInterruptTest */ 1639 ohci->htest = val; 1640 break; 1641 1642 default: 1643 fprintf(stderr, "ohci_write: Bad offset %x\n", (int)addr); 1644 break; 1645 } 1646} 1647 1648/* Only dword reads are defined on OHCI register space */ 1649static CPUReadMemoryFunc *ohci_readfn[3]={ 1650 ohci_mem_read, 1651 ohci_mem_read, 1652 ohci_mem_read 1653}; 1654 1655/* Only dword writes are defined on OHCI register space */ 1656static CPUWriteMemoryFunc *ohci_writefn[3]={ 1657 ohci_mem_write, 1658 ohci_mem_write, 1659 ohci_mem_write 1660}; 1661 1662static void usb_ohci_init(OHCIState *ohci, int num_ports, int devfn, 1663 qemu_irq irq, enum ohci_type type, 1664 const char *name, uint32_t localmem_base) 1665{ 1666 int i; 1667 1668 if (usb_frame_time == 0) { 1669#ifdef OHCI_TIME_WARP 1670 usb_frame_time = get_ticks_per_sec(); 1671 usb_bit_time = muldiv64(1, get_ticks_per_sec(), USB_HZ/1000); 1672#else 1673 usb_frame_time = muldiv64(1, get_ticks_per_sec(), 1000); 1674 if (get_ticks_per_sec() >= USB_HZ) { 1675 usb_bit_time = muldiv64(1, get_ticks_per_sec(), USB_HZ); 1676 } else { 1677 usb_bit_time = 1; 1678 } 1679#endif 1680 dprintf("usb-ohci: usb_bit_time=%lli usb_frame_time=%lli\n", 1681 usb_frame_time, usb_bit_time); 1682 } 1683 1684 ohci->mem = cpu_register_io_memory(ohci_readfn, ohci_writefn, ohci); 1685 ohci->localmem_base = localmem_base; 1686 ohci->name = name; 1687 1688 ohci->irq = irq; 1689 ohci->type = type; 1690 1691 ohci->num_ports = num_ports; 1692 for (i = 0; i < num_ports; i++) { 1693 qemu_register_usb_port(&ohci->rhport[i].port, ohci, i, ohci_attach); 1694 } 1695 1696 ohci->async_td = 0; 1697 qemu_register_reset(ohci_reset, 0, ohci); 1698 ohci_reset(ohci); 1699} 1700 1701typedef struct { 1702 PCIDevice pci_dev; 1703 OHCIState state; 1704} OHCIPCIState; 1705 1706static void ohci_mapfunc(PCIDevice *pci_dev, int i, 1707 uint32_t addr, uint32_t size, int type) 1708{ 1709 OHCIPCIState *ohci = (OHCIPCIState *)pci_dev; 1710 cpu_register_physical_memory(addr, size, ohci->state.mem); 1711} 1712 1713void usb_ohci_init_pci(struct PCIBus *bus, int num_ports, int devfn) 1714{ 1715 OHCIPCIState *ohci; 1716 1717 ohci = (OHCIPCIState *)pci_register_device(bus, "OHCI USB", sizeof(*ohci), 1718 devfn, NULL, NULL); 1719 if (ohci == NULL) { 1720 fprintf(stderr, "usb-ohci: Failed to register PCI device\n"); 1721 return; 1722 } 1723 1724 pci_config_set_vendor_id(ohci->pci_dev.config, PCI_VENDOR_ID_APPLE); 1725 pci_config_set_device_id(ohci->pci_dev.config, 1726 PCI_DEVICE_ID_APPLE_IPID_USB); 1727 ohci->pci_dev.config[0x09] = 0x10; /* OHCI */ 1728 pci_config_set_class(ohci->pci_dev.config, PCI_CLASS_SERIAL_USB); 1729 ohci->pci_dev.config[0x3d] = 0x01; /* interrupt pin 1 */ 1730 1731 usb_ohci_init(&ohci->state, num_ports, devfn, ohci->pci_dev.irq[0], 1732 OHCI_TYPE_PCI, ohci->pci_dev.name, 0); 1733 1734 pci_register_bar((struct PCIDevice *)ohci, 0, 256, 1735 PCI_ADDRESS_SPACE_MEM, ohci_mapfunc); 1736} 1737 1738void usb_ohci_init_pxa(target_phys_addr_t base, int num_ports, int devfn, 1739 qemu_irq irq) 1740{ 1741 OHCIState *ohci = (OHCIState *)qemu_mallocz(sizeof(OHCIState)); 1742 1743 usb_ohci_init(ohci, num_ports, devfn, irq, 1744 OHCI_TYPE_PXA, "OHCI USB", 0); 1745 1746 cpu_register_physical_memory(base, 0x1000, ohci->mem); 1747} 1748 1749void usb_ohci_init_sm501(uint32_t mmio_base, uint32_t localmem_base, 1750 int num_ports, int devfn, qemu_irq irq) 1751{ 1752 OHCIState *ohci = (OHCIState *)qemu_mallocz(sizeof(OHCIState)); 1753 1754 usb_ohci_init(ohci, num_ports, devfn, irq, 1755 OHCI_TYPE_SM501, "OHCI USB", localmem_base); 1756 1757 cpu_register_physical_memory(mmio_base, 0x1000, ohci->mem); 1758} 1759 1760